Allow the OAuth2 password authorisation grant without username/password for x509 client certificate authentication #11759
Labels
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: duplicate
A duplicate of another issue
Expected Behavior
Allow the PasswordReactiveOAuth2AuthorizedClientProvider to be used without a password or username.
Current Behavior
PasswordReactiveOAuth2AuthorizedClientProvider will not attempt authentication when password/username are not set.
Context
Keycloak has the option to authenticate clients using x509 certificates instead of username and password when using the password authorization grant type (see https://www.keycloak.org/docs/19.0.0/server_admin/index.html#_x509 - the direct grant flow case).
As a workaround we set a bogus username and password.